Archive

Earlier this week, Google announced that hundreds of its GMail accounts were affected by an attack designed to forward the account’s emails to other accounts. Google claims that the attacks originated from China and while they did not directly blame the Chinese government for the attacks that didn’t stop that government from denying any involvement. Now a new report from Trend Micro says that similar attacks have also affected accounts recently for Microsoft’s Hotmail and Yahoo’s Yahoo Mail services.

According to the report, Trend Micro team members found a “phishing” attack on Hotmail that disguised itself as an email from Facebook’s security team. The report says that users would be affected by the email just by previewing it rather than opening the email up. In addition the report states, “We recently alerted Yahoo! of an attempt to exploit Yahoo! Email by stealing users’ cookies in order to gain access to their email accounts. While this attempt appeared to fail, it does signify that attackers are attempting to attack Yahoo! Email users as well.”

While these kinds of attacks may be hard to defend against there are some clues that a user of web-based email system can use to fight off against these “phishing” attacks. Trend Micro says that users can look for spelling or grammatical errors in these so-called “official” emails. Also you can use a two step email verification system to help make sure any emails you receive are genuine. Trend Micro also decided to promote its own software programs at the end of the report for defense against malicious emails.

Google confirmed on Sunday that a major bug has mysteriously deleted the entire contents from within roughly 150,000 Gmail accounts. Google initially reported the problem to be more widespread, but it revised its initial estimate down from 0.29% of total Gmail user accounts to 0.08%. According to user reports, email correspondence from within affected accounts was deleted earlier this past weekend. Affected users were initially unable to log in to their accounts, and then found that their data had been deleted once access to the accounts had been restored. Accounts were essentially reset, with years worth of emails and chats having seemingly been erased. Google appears confident that the lost data will be restored, however, and it notes that users will be unable to access their accounts while engineers address the issue. “Google engineers are working to restore full access,” Google noted on its Gmail status page. “Affected users will be temporarily unable to sign in while we repair their accounts.”

It’s now been just a few days now since Google launched its Google Buzz social-sharing service and started rolling it out to Gmail users. Much of the coverage so far has been grumpy — especially when it comes to the fact that the initial list of people you autofollow on Buzzis based on who you talk with most often in Gmail, and that list is public unless you choose to make it private.

To its credit, Google has responded swiftlyto complaints: It’s already tweaked Buzz to make it more obvious what information the service is making public, and to help you crank up the privacy settings.

(Side note: I kinda wish that Google’s blog post hadn’t talked about users who “thought their contacts were being made public without their knowledge (in particular the lists of people they follow, and the people following them).”If Google is making this information public, I don’t see how users can think it’s being done “without your knowledge.” If you think you don’t know something, then…you don’t. I think Google meant something along the lines of “thought their contacts were being made public without any disclosure…”)

Google’s explanation of the post-release changes points out that millions of people are now using Buzz…and maybe that’s part of the issue. Rather than let a sizable pool of testers outside of Google try the service out before opening up the floodgates, it’s gone straight to a full-blown launch. Sounds like the company didn’t expect some of the confusion that’s happening.

Me, I’m finding much to like in Buzz. For instance, it has one of the nicest photo-album viewers I’ve ever seen anywhere:

I’m not going to dump Twitter and Facebook anytime soon, but Buzz is full of potential and I can see it becoming the third major service of this sort. Given Google’s spotty history with social stuff, that’s impressive in itself.

But multiple aspects of Buzz in its current form are frustrating. And quite frequently, the service leaves me just plain confused.

Since the news Monday that somebody posted online the account details of more than 10,000 Windows Live Hotmail users, the BBC has uncovered at least 20,000 more victims from Hotmail, Gmail, Yahoo Mail, AOL, Comcast and Earthlink.

Like Microsoft, Google has said the Gmail accounts were compromised by a phishing scheme, in which users are duped, usually by a bogus Web site, into thinking they are giving personal information to their e-mail provider. more…